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Abstract 
This document describes the conventions for using several Elliptic 
Curve cryptographic algorithms with the Cryptographic Message Syntax 
(CMS) encrypted key package content type. Specifically, it includes 
conventions necessary to implement Elliptic Curve Diffie-Hellman 
(ECDH) with EnvelopedData and Elliptic Curve Digital Signature 
Algorithm (ECDSA) with SignedData. This document extends RFC 6033. 
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Introduction 


This document describes the conventions for using Elliptic Curve 
cryptographic algorithms with the Cryptographic Message Syntax (CMS) 
encrypted key package content type [RFC6032]. Specifically, it 
includes conventions necessary to implement the following CMS content 
types: EnvelopedData [RFC5652] and SignedData [RFC5652]. This 
document amends [RFC6033]. Familiarity with [RFC6033] and [RFC5753] 
is assumed. 


This document does not define any new algorithms; instead, it refers 
to previously defined algorithms. 


1 Terminology 

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 
"OPTIONAL" in this document are to be interpreted as described in 
[RFC2119]. 


EnvelopedData 


When key agreement is used, standard (as opposed to cofactor) ECDH 
[RFC6090] [RFC5753] MAY be supported. 


SignedData 

If an implementation encapsulates EncryptedKeyPackage with SignedData 
[RFC5652], then it MAY support the signature scheme ECDSA 

[RFC6090] [RFC5753]. 

Public Key Sizes 

The easiest way to implement SignedData and EnvelopedData is with 
public key certificates [RFC5280][RFC5480]. If an implementation 
supports ECDSA or ECDH, then it MUST support keys on the P-256 curve. 


Security Considerations 


The security considerations from [RFC5280], [RFC5480], [RFC5652], 
[RFC5753], [RFC6033], and [RFC6090] apply. 
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